How to Protect Your Company From a Data Breach

2017 was really “the year of the data breach”, with a higher level of data breaches than ever at companies across the world. Any business can be affected, and because the cost of a breach can be very high, data breaches and cyber security deserve extra attention.

On average during 2017, 5,076,479 data records were lost or stolen on a daily basis, and 61% of the victims were companies with fewer than 1,000 employees. So this problem isn't just affecting large corporations like the ones we hear about on the news. Here are some steps to take towards protecting your company:

1. Educate your staff

The system is only as strong as its weakest link, which in this case could be an employee who is oblivious to the consequences of poor data security. For example, they might take the business memory stick home or use a private network on a company computer. These scenarios can leave the company vulnerable to online threats and present a great risk of cyber attack.

Make sure that all of your employees are well aware of the dangers and of the steps that need to be taken if a breach were to occur. They will be responsible for changing passwords every week and for ensuring that they are strong enough. Teach them how to encrypt data, avoid malware and store data properly. Of course, it’s always good to restrict the mobility of the devices used, as well as to minimise the use of personal social media accounts while at work.

2. Understand the rules and regulations

It’s essential that you learn everything there is to know about the security requirements of the GDPR (General Data Protection Regulation), with particular regard to your requirement to report a data breach within 72 hours and to what you should do if a data breach occurs that affects personal data.

3. Hire a cyber specialist

The consequences of a data breach can be disastrous for your business, so consider hiring a cyber specialist or at least outsourcing the role, so that you have someone whose sole responsibility is to check that all levels of protection are functioning and to keep up with the latest developments and enhancements in cyber security.

4. Develop a plan for a possible cyber attack

Sooner or later, you’re going to experience an attempted data breach, and you need to decide on the particular steps to be taken when that happens:

who is to be informed about the violation, including when to inform top management, when to inform customers, etc.

how the rest of your data is to be protected from harm

how you’re going to inform clients or customers who have been affected by the breach

how you are going to deal with the aftermath

5. Find out your weaknesses

Every system has flaws, so even the best security system out there has certain parts which are more or less susceptible to a cyber attack. For this reason, security scans, penetration testing and threat detection need to be performed routinely, either in-house or through a professional company.

The least you can do is pay attention to logging and alerting. Ensure you enable centralised logging and that alerts go off when there are a lot of failed logins or unauthorised access.
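As an illustration of the failed-login alerting described above, here is an added example (not from the original article) that scans centralised log lines and raises an alert when one source address produces a burst of failed logins, or logs in successfully straight after such a burst. The log format, the sample lines, the function name `find_alerts` and the threshold of 5 failures in 5 minutes are all assumptions made for the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in an assumed centralised-log format:
# "<ISO timestamp> <host> sshd: <Failed|Accepted> password for <user> from <ip>"
SAMPLE_LOG = """\
2017-11-02T09:00:01 web01 sshd: Failed password for alice from 203.0.113.7
2017-11-02T09:00:05 web02 sshd: Failed password for alice from 203.0.113.7
2017-11-02T09:00:09 db01 sshd: Failed password for root from 203.0.113.7
2017-11-02T09:00:14 web01 sshd: Failed password for bob from 198.51.100.4
2017-11-02T09:00:20 web01 sshd: Failed password for admin from 203.0.113.7
2017-11-02T09:00:31 web02 sshd: Failed password for alice from 203.0.113.7
2017-11-02T09:00:40 web02 sshd: Accepted password for alice from 203.0.113.7
2017-11-02T09:30:00 web01 sshd: Failed password for bob from 198.51.100.4
2017-11-02T09:30:12 web01 sshd: Accepted password for bob from 198.51.100.4
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd: (?P<result>Failed|Accepted) "
    r"password for (?P<user>\S+) from (?P<ip>\S+)$"
)

def find_alerts(log_text, threshold=5, window=timedelta(minutes=5)):
    """Return (kind, ip, timestamp) alerts for bursts of failed logins."""
    recent = defaultdict(deque)   # source IP -> timestamps of recent failures
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue              # ignore lines in other formats
        ts = datetime.fromisoformat(m["ts"])
        fails = recent[m["ip"]]
        while fails and ts - fails[0] > window:
            fails.popleft()       # drop failures that fell out of the window
        if m["result"] == "Failed":
            fails.append(ts)
            if len(fails) == threshold:   # fire once when the threshold is reached
                alerts.append(("failed_login_burst", m["ip"], m["ts"]))
        elif len(fails) >= threshold:
            # A success right after a burst suggests a guessed password.
            alerts.append(("success_after_burst", m["ip"], m["ts"]))
            fails.clear()
    return alerts

if __name__ == "__main__":
    for alert in find_alerts(SAMPLE_LOG):
        print(alert)
```

Because the failures are counted per source address across every host in the central log, a burst spread over several servers is still caught, which per-server logs would miss.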

As we have mentioned before, having strong passwords is the first step, as 80% of breaches occur because of stolen or weak passwords.

6. Educate your customers

In order for everything to function perfectly, it’s not enough just to increase the security and protection levels within your company. You can have the best cyber security professional, update all the systems, and train your employees regularly. But if you’ve failed to inform your customers about the importance of strong passwords and similar steps, this leaves a huge gap in your otherwise “safe” system.

Your clients need to know what they can do to minimise risks. For example, using new encrypted credit cards will help, as well as some similar secure payment systems.

These are some basic steps to take in order to improve your company's cyber security. Since the consequences of a data breach can potentially close a business down, you should do everything in your power to defend yourself in the best way possible.

Over to you now. Have you taken these steps to protect your business from a data breach? Tell us in the comments below.